You are here

Exploitation

Well here we are again DiabloHorn and Kimatrix this time with a finished CCNA semester. We have been busy with some school things like finishing the ccna lessons but it has brought us more things to play with like ARP. We digged up some info on arp and layer2 and started to read. After finishing ccna and done reading the papers we decided to put it all into practice in a controlled environment. So that we could test the things that where discussed in the papers. We decided to ask our teacher if we could borrow the lab and well he said yes :D

In order to achieve business goals, organisations frequently have to develop bespoke application solutions or customise commercial off-the-shelf (COTS) packages. These range from complex back-office database applications, CRMs and asset management systems to customer-facing fat and thin applications. Corporate web-applications offer anything from a simple brochure request to a full e-business implementation.

Availability of these services is important for customers and users of the site, with any disruption directly affecting revenues, negatively impacting confidence in the company or even damaging the brand.

More and more, developers are becoming aware of the threats posed by malicious code, and SQL injection in particular, and by leaving code vulnerable to such attacks. However, while SQL is the most popular type of code injection attack, there are several others that can be just as dangerous to your applications and your data, including LDAP injection and XPath injection. While these may not be as well-known to developers, they are already in the hands of hackers, and they should be of concern.

Facebook was founded by 2004 by Harvard student Mark Zuckerberg and originally called thefacebook. It was quickly successful on campus and expanded beyond Harvard into other Ivy League schools. With the phenomenon growing in popularity, Zuckerberg enlisted two other students, Duston Moskovitz and Chris Hughes, to assist. Within months, thefacebook became a nationwide college networking website.

The basic idea behind writing this article was to put forward a systematic approach that needs to be followed to perform a successful penetration test. It has been written keeping in mind both, existing penetration testers as well as newcomers who want to make this field as a career. People responsible for maintaining security in an organization can refer to this and know what they can expect from such an exercise.